European Court: Bulk interception of British GCHQ was in violation of human rights

The British intelligence service GCHQ has violated two parts of the European Convention on Human Rights, the European Court of Human Rights has ruled. Bulk interception performed by the GCHQ was not properly authorized and not specific enough.

The Court’s ruling revolves around two articles of the European Convention on Human Rights, which, according to the Court, GCHQ violated when using bulk interception via communication service providers. According to the Court, this bulk interception is not against the Treaty, but it must have enough ‘end-to-end guarantees’. In addition, it must be assessed at each step of the process whether the bulk interception is necessary and proportional. In addition, this bulk interception must be subject to independent authorization and be assessed independently afterwards, the Court writes.

According to the Court of Appeal, this authorization is wrong. At the Government Communications Headquarters, as the intelligence service is called in full, the responsible minister gave permission for the bulk interception. However, according to the Court of Appeal, this minister is not independent of the implementation of the bulk interception, so that permission was not given correctly. A body independent of the GCHQ should have given such permission, the Court writes.

In addition, the requests for bulk interception did not specify what forms of communication would be investigated. Also, search terms linked to a specific individual, such as specific email addresses, were not pre-authorized internally. These two points, according to the Court, are contrary to the Treaty.

Finally, according to the Court, the GCHQ did not take enough account of confidential journalistic material. For example, when the intelligence agency received such material accidentally or otherwise through bulk interception, there were no safeguards to ensure that it was only analyzed after authorization from a judge or other independent body. In addition, there were no safeguards to prevent searches for journalistic material from being pre-approved by a judge or other independent body.

The lawsuit was started by multiple parties, including the Big Brother Watch, Human Rights Watch and journalists. The Court had already ruled on this matter in 2018, but prosecutors asked the Court to look again. That is why this new ruling has been made by the Grand Chamber of the Court. There are few substantive differences between the two statements.

The parties went to Court when it revealed through Edward Snowden that the British and American intelligence services shared stolen information. The Court states that there are enough safeguards to prevent abuse of these data sharing.